- New and modified IoT botnets are among the fastest-growing categories of attacks
- Improper input validation and buffer overflows took the top place in the ICS-Cert vulnerabilities reported in the first half of 2020
Cyber threats against OT and IoT infrastructure continued to grow in number and impact in the first half of 2020 as per a new report by Nozomi Networks Labs. It said that OT-reliant organizations are increasingly using IoT devices, and COVID-19 has forced a global shift to remote work.
It added that threat actors appear to be capitalizing on these trends. In the first six months of this year, they used IoT botnets and shifting ransomware tactics as their weapons of choice for targeting OT and IoT networks.
Andrea Carcano, Nozomi Networks co-founder, and CPO said, “The steep rise in threats targeting operational networks should be a serious concern for security professionals responsible for keeping not only IT but OT and IoT networks safe. The days when threats to operational networks were few and far between and often attributed to nation-state actors are clearly behind us. As IT, OT, and IoT worlds converge, threat actors of all types are setting their sights on higher-value targets, leaving security organizations scrambling to keep up. It’s a daunting task, but not impossible. We know from working with thousands of industrial installations that you can monitor and mitigate these risks, whether they stem from cybercriminals, nation-states, or employees.”
Modified IoT botnets
The report also found out that new and modified IoT botnets are among the fastest-growing categories of attacks. This is due to the fact that threat actors take advantage of the increased use of IoT devices in operational networks. It also said that ransomware attackers are demanding higher ransoms which are aimed at larger and more critical organisations. It stated, ” Additionally, ransomware gangs are often using a two-pronged approach that combines data encryption with data theft, making it difficult for the victim to avoid paying up.”
As per the report, SNAKE/EKANS ransomware continued to strike and exhibited OT-awareness and suggested that non-state threat actors could target industrial control systems. It said that the COVID-19 global pandemic provided threat actors with more vectors and opportunities for exploitation. It has led to unscrupulous attacks targeting researchers and healthcare organizations on the front lines. Improper input validation and buffer overflows took the top place in the ICS-Cert vulnerabilities reported in the first half of 2020.